API reference
List findings
Read the findings for a monitored site across its scans, filtered by status. Pair it with the acknowledge endpoint to drive the triage workflow programmatically.
GET
/v1/sites/{id}/findingsQuery parameters
| Field | Type | Status | Description |
|---|---|---|---|
| status | string | optional | Filter by open, acknowledged, resolved, or false_positive. Omit for all. |
bash
GET /v1/sites/site_a1b2/findings?status=openResponse
An array of findings. Each finding includes:
| Field | Type | Description |
|---|---|---|
| id | string | Finding id (use with the ack endpoint). |
| code | string | Stable finding code, e.g. tracking.pixel_on_intake. |
| category / severity | string | Category and severity (critical…info). |
| page_type | string | null | Where it was found — intake_form, appointment, portal, general… |
| title / description / remediation | string | Human-readable detail and the fix. |
| evidence | object | What triggered it (URLs, vendor names, header values). |
| status | string | open · acknowledged · resolved · false_positive. |
Acknowledge a finding
POST
/v1/sites/{id}/findings/{finding_id}/ackMove a finding through the workflow by posting a new status.
# List open findings
curl -s "https://api.sifthealth.app/v1/sites/site_a1b2/findings?status=open" \
-H "Authorization: Bearer $SIFT_API_KEY"
# Acknowledge one
curl -s -X POST \
https://api.sifthealth.app/v1/sites/site_a1b2/findings/find_77/ack \
-H "Authorization: Bearer $SIFT_API_KEY" \
-H "Content-Type: application/json" \
-d '{"status": "acknowledged"}'